Assuming I have an access logfile with referer
If I have
111.111.111.111 - - [.......] "GET /cart.do?action=checkout&productId=prod1" "//..../searchresult"
111.111.111.111 - - [..........
So I am brand new to Splunk. I just finished setting up a Ubuntu server for indexing and have got all my forwarders working just fine. When it came to indexing a logfile from a development test I g...
...very 5 mins and I gave cron expression (*/5 * * * * ) and added it to an existing index with a sourcetype. I looked at the dbx.log file and I see these messages:
2014-07-17 18:26:40.232 dbx8478:I...
I created the .splunkrc file and correctly stored it in C:\Users\username.splunkrc
I filled it out with correct credentials.
1) I am trying to access KV store (the credentials work when I e...
I have released an app for Splunk Enterprise. As Splunk Enterprise is kind of on-premise product and runs on customers' local host, I use filelog to collect debug logs with reference to h...
I've created a new index in Splunk Cloud and trying to ingest logfiles from one of our application servers. This application server is setup as a Deployment Client (with Universal Forwarder). I...
I need to extract a timestamp from logfiles looking like that :
Feb 16 23:58:44 ...
As you can see, there is no reference to the year when the log was generated, so what I want to do is to e...
...reached 500MB, so I had to do a ./splunk clean eventdata .
also, I created my own datetime.xml so I can derive the date from the filename, which I reference in a local props.conf file.
datetime.xml...
...ategory: Executing Pipeline
Level: Warning
Keywords: None
User: SYSTEM
Computer: XXXX.YYYY.ZZZZ
Description:
Error Message = Object reference not set to an instance of an object.
F...